Threat actors are actively exploiting a critical security flaw in “Alone Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites.The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug.According to Wordfence, the shortcoming relates to an arbitrary file upload
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/07/hackers-exploit-critical-wordpress.html
